For my setup, I have an external hosting service providing us an internet website and external DNS. We have two internet access providers each providing there own static IPs into our Watchguard firewall for failover internet access. When the primary internet access is up, everything works great. When we fail over to the backup internet connection, remote clients can no longer get email from outlook, cell phones etc. I assume this is because my autodiscover DNS entry is pointing to the primary internet access's IP address. Since I have a 2nd MX record setup for the backup IP and the watchguard, the exchange server stays alive, sending and receiving email, and any clients directly connected or VPN connected to our LAN work fine.

Right now, I have a single CAS server, with all the roles except the database/storage and a second server with the database/storage role.

How can I fix this so remote, non-vpn client can have their Outlook or devices get email when we fail over? I know I could DNS round robin, but that isn't the right way to fix this. Besides, my internet pipes are not of equal size.

http://public.wsu.edu/~brians/errors/their.html

The only way I can think of to do that is to put a load balancer in front of the two network connections.  I don't know how you would do that or even if it's possible since I'm not a network engineer.  What you have is a networking problem, not an Exchange problem.

Hi,

Based on my knowledge, the external users who are not using VPN are using Outlook Anywhere for Exchange access. Generally, the autodiscover service would connect to autodiscover.domain.com for accessing. If the autodiscover.domain.com is pointed to your primary internet access's IP, the autodiscover service for the second internet access would be failed.

I am not familair with the network configuration. Based on my knowledge in Exchange, I suggest we can create a SRV record for your second internet access. For example:

Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: internet2.domain.com

Please keep point autodiscover.domain.com to your primary internet access's IP address, and point internet2.domain.com to your second internet access. Then when the Outlook Anywhere users use Autodiscover service, they would connect to https://autodiscover.domain.com/Autodiscover/Autodiscover.xml for autodiscover service for primary internet access, connect to https://internet2.domain.com/Autodiscover/Autodiscover.xml for autodiscover service in second internet access.

It is just a personal suggestion and I haven't do this deployment for any testing. Not sure whether it works.

Regards,